Are You Drifting Toward Disaster? How to Detect and Prevent the Configuration Drift Exposing Your Organization to Risk
Posted by on March 06, 2018
Can a fragile little butterfly put your enterprise IT organization at risk? In a figurative sense, yes.
According to the chaos theory, a very small change—such as the single flap of a butterfly’s wings—can spur massive and negative consequences. Atmospheric disturbances that begin with a butterfly flitting about in Brazil, for example, might ultimately result in a tornado in Texas.
Whether or not you buy in to the theory, the concept of the butterfly effect certainly applies to your IT organization. The equivalent has occurred countless times in your organization. It’s probably happening right now.
The Insidious Inevitability of Configuration Drift
Every IT organization experiences configuration drift. In your organization, it’s likely that multiple examples occur every day. And every single occurrence could be likened to a butterfly-effect-like incident that might ultimately lead to disaster.
Configuration drift occurs when changes—even very small ones—are made to hardware or software infrastructures. For the sake of discussion, let’s imagine that your IT organization achieves a state of perfect symbiosis. All components of the IT organization, including users, are configured to interact in a manner that minimizes your exposure to cybersecurity threats.
But then, inevitably, something changes. Maybe it's a simple code update. Perhaps a change to a user’s permissions. Possibly a version upgrade to a SaaS tool. The possible changes are countless, and they’re likely to occur multiple times on a daily basis.
Each change is potentially that flap of the butterfly’s wing; the first falling domino. As the impact of the change ripples throughout the organization, the results may be minor or they may be catastrophic. But, with certainty, the unified configuration of your organization has drifted away from perfection.
Many of the changes that can lead to configuration drift are necessary and unavoidable. That’s why it’s so important to be able to monitor your organization for indications of configuration drift.
You Need a Canary in Your Coal Mine
Just as canaries once warned coal miners of an influx of deadly carbon monoxide gas, every IT organization should maintain a warning system for configuration drift. When any change occurs that could lead to trouble, the warning system should alert IT management to the danger.
Tripwire Enterprise provides that early warning system. In today’s world of wildly escalating cybersecurity threats, the defense against configuration drift provided by Tripwire is an invaluable resource. Tripwire Enterprise provides:
- Real-Time Change Intelligence: Tripwire detects and evaluates changes and prioritizes security risks. Tripwire’s file integrity monitoring offers the ability to detect changes to integrity within:
- Configuration parameters
- System Hardening and Compliance Enforcement: Reduces risk by shrinking your attack surface, and reduces audit preparation time and cost. Provides audit-ready reporting and proof-of-compliance capability.
- Security Automation and Remediation: Automates your ability to detect and repair non-compliant systems. Enables the automation of workflows, and streamlines investigations and root-cause analysis.
Perhaps most importantly, Tripwire helps you efficiently focus your limited resources in prioritizing your defenses against the most dangerous risks.
Tripwire Integrates Seamlessly with Cherwell Service Management
Thousands of enterprises worldwide choose Cherwell Service Management, in part, because the platform is so easy to customize and configure. And now Tripwire’s configuration drift defense and compliance-automation capabilities can easily be incorporated into the Cherwell platform.
Integrating Tripwire Enterprise into the Cherwell platform further automates the process of managing change. When Tripwire detects a change, it is reported to the Cherwell platform. The Cherwell platform evaluates the change, and either approves it or generates an incident report.
If an incident report is generated, it will provide your staff with a wealth of information that will help streamline your team’s response to the problem. The incident report will even rate the likely impact of the incident on a numerical scale. Similarly, the incident report will assign a recommended priority to the incident.
Details provided by the incident report will include items such as:
- What changed
- Who changed it
- When it changed
- How it changed
Your staff will know far more than the simple fact that the canary stopped singing.
Cherwell Enables Easy Incorporation of the Best ITSM-Complimenting Capabilities
Cherwell customers can now easily implement Tripwire Enterprise with the Cherwell platform. And Cherwell’s mApp offers the same easy-integration/simplified-management for many other vendors. Capabilities include:
- Risk Management
- Dependency Mapping
- Cloud Management
- Performance Management
- Identity Management
Cherwell’s mApp can add capability to your ITSM platform without increasing management workload. And security-enhancing tools like Tripwire Enterprise can provide a critically important compliment to your ITSM capabilities.
See how integrating Tripwire into your ITSM can prevent configuration drift.
Ebook 5 min
The Definitive Guide to Service Desk KPIs and Metrics
In this comprehensive guide, you'll learn how to develop a portfolio of ITSM KPIs and Metrics that support not only your own IT team's goals, but also the business outcomes your service desk is expected to deliver.
Ebook 7 min
7 Deadly Sins of ITIL Implementation
Wondering whether ITIL® is still relevant in today's fast-paced digital environment? ITIL holds many timeless truths, but it can be misapplied when taken too literally. Uncover the seven mistakes commonly made with ITIL implementations, and gain guidance on how you can go faster—while still upholding ITIL's key principles.
Analyst Research 10 min
NEW! Gartner 2019 Magic Quadrant for ITSM Tools
Considering a new ITSM solution? Start with a complimentary copy of Gartner’s 2019 Magic Quadrant for IT Service Management Tools. The Magic Quadrant provides an evaluation of ten ITSM vendors—along with their viability, strengths, and cautions—and recommendations for defining your requirements
You might also be interested in
Don’t Even Think About Cloud Migration Unless You’ve Done This First
Application dependency mapping provides visibility into all components to help ensure that nothing is overlooked during cloud migration.
4 Must-Have Features for CMDB Tools
Here's how to know if your CMDB is problematic—and what features to look for to ensure you're getting all the benefits the CMDB offers.
How to Increase Your Risk Management Protection AND Decrease Your IT Service Management Overhead
An additional ITSM management tool doesn't have to increase your management workload—here's what you need to know.